package com.fengye.security.demo.controller;

import org.springframework.security.access.annotation.Secured;
import org.springframework.security.access.prepost.PostAuthorize;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.servlet.ModelAndView;

/**
 * @Author sky
 * @Email <mailto:fengyexjtu@126.com>
 * @Date 2020/12/26 19:28
 * @Description
 */
@RestController
public class IndexController {

    @GetMapping("/")
    public String page() {
        return "index";
    }

    @GetMapping("/info")
    public String info(@AuthenticationPrincipal(expression = "username") String username) {
        return username;
    }




    @GetMapping("/test")
    @Secured({"AAA"})
    public String test() {
        return "test";
    }

    @GetMapping("/read")
    @PreAuthorize("hasAnyAuthority('read')")
    public String read() {
        return "read";
    }

    @GetMapping("/write")
    @PostAuthorize("hasAuthority('write')")
    public String write() {
        System.out.println("post write");
        return "write";
    }
    @GetMapping("/hello")
    public String hello(@AuthenticationPrincipal(expression = "username") String username) {
        return "hello " + username;
    }

    @GetMapping("/auth")
    @PreAuthorize("hasAnyRole('ROLE_TEST','ROLE_ADMIN')")
    public UserDetails auth(@AuthenticationPrincipal UserDetails userDetails) {
        return userDetails;
    }
}
